From: Me Now on
Hi,

Maybe a little off topic as Wireshark is available in several flavours
but....

I have captured traffic from our corporate LAN for about a week and now
I have a sizeable collection of 20MB capture files.

Are there any tools available for Linux that will parse the information
in the capture files and extract information based on particular
criteria? I know I can filter the traffic within Wireshark but that is
impractical for my immediate requirements.

A couple of examples:

1. Identify all traffic on port 8080 to a specific IP address and create
a single list of GET requests using all the capture files.

2. Identify all SMTP traffic and write each captured email to a separate
file.

I appreciate the examples are very different but it gives you an idea of
the scope of requirements I have!

Any help would be greatly appreciated,

Me Now.

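
The first requirement in the post above (GET requests to one IP address on port 8080, collected across every capture file) can be sketched with the Python standard library alone. This is an added example, not part of the original post: the function names, addresses and sample capture are constructed, and it assumes classic pcap files (not pcapng) with untagged Ethernet/IPv4 frames.

```python
import glob, socket, struct

def get_requests(pcap_bytes, dst_ip, dst_port=8080):
    """(host, path) of each HTTP GET sent to dst_ip:dst_port in a classic pcap."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if end is None or len(pcap_bytes) < 24 or struct.unpack(end + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    want, out, pos = socket.inet_aton(dst_ip), [], 24
    while pos + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(end + "I", pcap_bytes[pos + 8:pos + 12])[0]
        frame = pcap_bytes[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 54 or frame[12:14] != b"\x08\x00":  # untagged IPv4 only
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ihl < 20 or ip[9] != 6 or ip[16:20] != want or len(ip) < ihl + 20:
            continue  # not TCP to the wanted address, or malformed
        tcp = ip[ihl:]
        if struct.unpack("!H", tcp[2:4])[0] != dst_port:
            continue
        payload = tcp[(tcp[12] >> 4) * 4:]
        if not payload.startswith(b"GET "):  # only the segment that starts a request
            continue
        head = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
        host = next((h.split(":", 1)[1].strip() for h in head[1:]
                     if h.lower().startswith("host:")), "")
        out.append((host, head[0].split(" ")[1]))
    return out

def scan_files(pattern, dst_ip, dst_port=8080):
    """Merge the GET requests from every capture file matching a glob pattern."""
    found = []
    for path in sorted(glob.glob(pattern)):
        with open(path, "rb") as fh:
            found += get_requests(fh.read(), dst_ip, dst_port)
    return found

def sample_pcap():
    """Constructed capture: GETs to 10.0.0.5:8080, 10.0.0.5:80 and 10.0.0.7:8080."""
    def frame(dst, port, data):
        tcp = struct.pack("!HHIIBBHHH", 40000, port, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + data
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton("10.0.0.9"), socket.inet_aton(dst))
        eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp
        return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth
    req = b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + frame("10.0.0.5", 8080, req) + frame("10.0.0.5", 80, req) + frame("10.0.0.7", 8080, req)
```

Calling `scan_files("captures/*.pcap", "10.0.0.5")` (the directory name is a placeholder) returns one combined list; requests split across TCP segments or carried in VLAN-tagged frames are not covered by this sketch.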